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Art Unit: 2431 

1 This action is in response to the communication filed on 12/13/2005. 

2 DETAILED ACTION 

3 Claims 1-31 have been examined. 

4 Title 

5 The title of the invention is acceptable. 

6 Information Disclosure Statement 

7 The information disclosure statement(s) (IDS) submitted on 12/13/2005, and 3/31/2009 

8 are in compliance with the provisions of 37 CFR 1 .97. Accordingly, the examiner is considering 

9 the information disclosure statements. 

10 The listing of references in the specification is not a proper information disclosure 



1 1 statement. 37 CFR 1 .98(b) requires a list of all patents, publications, or other information 

12 submitted for consideration by the Office, and MPEP § 609.04(a) states, "the list may not be 

13 incorporated into the specification but must be submitted in a separate paper." Therefore, unless 

14 the references have been cited by the examiner on form PTO-892, they have not been 



15 considered. 

16 Drawings 

17 The drawings filed on 12/13/2005 are acceptable for examination proceedings. 

18 Specification 

19 The following guidelines illustrate the preferred layout for the specification of a utility 

20 application. These guidelines are suggested for the applicant's use. 
21 

22 Arrangement of the Specification 

23 

24 As provided in 37 CFR 1 .77(b), the specification of a utility application should include 

25 the following sections in order. Each of the lettered items should appear in upper case, 
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1 without underlining or bold type, as a section heading. If no text follows the section heading, 

2 the phrase "Not Applicable" should follow the section heading: 



3 

4 (a) TITLE OF THE INVENTION. 

5 (b) CROSS-REFERENCE TO RELATED APPLICATIONS. 

6 (c) STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR 

7 DEVELOPMENT. 

8 (d) THE NAMES OF THE PARTIES TO A JOINT RESEARCH AGREEMENT. 

9 (e) INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A 

10 COMPACT DISC. 

1 1 (f) BACKGROUND OF THE INVENTION. 

12 (1) Field of the Invention. 

13 (2) Description of Related Art including information disclosed under 37 CFR 1.97 

14 and 1.98. 

1 5 (g) BRIEF SUMMARY OF THE INVENTION. 

1 6 (h) BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S). 

17 (i) DETAILED DESCRIPTION OF THE INVENTION. 

1 8 (j) CLAIM OR CLAIMS (commencing on a separate sheet). 

1 9 (k) ABSTRACT OF THE DISCLOSURE (commencing on a separate sheet). 

20 (1) SEQUENCE LISTING (See MPEP § 2424 and 37 CFR 1 .821-1 .825. A "Sequence 

21 Listing" is required on paper if the application discloses a nucleotide or amino 

22 acid sequence as defined in 37 CFR 1 .82 1 (a) and if the required "Sequence 

23 Listing" is not submitted as an electronic document on compact disc). 
24 

25 The disclosure is objected to because of the following informalities: 

26 Page 6 Line 26 recites a U.S. Patent number as a "U.S. Patent Application". 

27 Appropriate correction is required. 

28 Claim Objections 

29 Claims 11, 14-18, and 29 are objected to because of the following informalities: 

30 Claim 1 1 recites "decrypts the authentication data at its first use". It is not clear on which 



3 1 items first use the authentication data is decrypted. For the purposes of searching the prior art, 

32 the examiner will assume that "its" refers to the authentication data, and not to the encryption 

33 key, decryption key, or the authentication software. 
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1 Claims 14, and 18 are not grammatically correct. For example, the use of commas is 

2 improper, and causes sentence fragments which do not make sense. 

3 Claim 16 lacks a terminating period. 

4 Claim 29 recites "a second transaction using", which should read "a second transaction 

5 party using". 

6 Appropriate correction is required. 

7 Claim Rejections - 35 USC § 102 

8 The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

9 basis for the rejections under this section made in this Office action: 

10 A person shall be entitled to a patent unless 

1 1 (a) the invention was known or used by others in this country, or patented or described in 

12 a printed publication in this or a foreign country, before the invention thereof by the applicant 

13 for a patent. 
14 

15 (b) the invention was patented or described in a printed publication in this or a foreign 

16 country or in public use or on sale in this country, more than one year prior to the date of 

17 application for patent in the United States. 
18 

19 (e) the invention was described in (1) an application for patent, published under section 

20 122(b), by another filed in the United States before the invention by the applicant for patent or 

21 (2) a patent granted on an application for patent by another filed in the United States before the 

22 invention by the applicant for patent, except that an international application filed under the 

23 treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 

24 application filed in the United States only if the international application designated the United 

25 States and was published under Article 21(2) of such treaty in the English language. 
26 

27 

28 Claims 1-5, 8-12, 14, and 29-30 are rejected under 35 U.S.C. 102(b) as being anticipated 

29 by Ginter et al. (US Patent Application Publication Number 2002/1 12171) for the reasons 

30 provided in the search report for PCT/NL2004/000422. 
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1 Claims 1-5, 8-12, 14, and 29-30 are rejected under 35 U.S.C. 102(b) as being anticipated 

2 by Cocotis et al. (US Patent Application Publication Number 2002/1 12162) for the reasons 

3 provided in the search report for PCT/NL2004/000422 . 

4 Claims 1, 2, 5-7, 10-11, 28, 29, and 31 are rejected under 35 U.S.C. 102(b) as being 

5 anticipated by XTEC (WO 0 1/843 1 9). 

6 Regarding claim 1 , XTEC disclosed a method for performing an electronic transaction 

7 between a first transaction party and a second transaction party using an electronic device 

8 operated by the first transaction party, the method comprising: providing authentication data in a 

9 memory of said electronic device which authentication data arc inaccessible to a user of said 

10 electronic device; providing authentication software in said electronic device, the authentication 

1 1 data being accessible to said authentication software; activating the authentication software to 

12 generate a digital signature from the authentication data; providing the digital signature to the 

13 second transaction party (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 

14 19). 
15 

16 Regarding claim 28, XTEC disclosed a method for encrypting digital data on an 

17 electronic device using an encryption key, the method comprising: gathering session specific 

1 8 data; hashing said session specific data to obtain reference numbers referring to positions in an 

19 authentication table stored in said electronic device; generating said encryption key from the 

20 characters stored in the authentication table at said positions; and encrypting said digital data 

21 using said encryption key (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 

22 19). 
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1 Regarding claims 2 and 29, XTEC disclosed a system for performing an electronic 

2 transaction between a first transaction party and a second transaction using an electronic device 

3 operated by the first transaction party, the system comprising: means for providing 

4 authentication data in a memory of said electronic device which authentication data are 

5 inaccessible to a user of the electronic device; means for providing authentication software in 

6 said electronic device, the authentication data being accessible to said authentication software; 

7 means for activating the authentication software to generate a digital signature from the 

8 authentication data; means for providing the digital signature to the second transaction party; and 

9 means for providing digital data from the second transaction party to the first transaction party 
10 (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 19). 

1 1 

12 Regarding claim 3 1 , XTEC disclosed a system for encrypting digital data using an 

13 encryption key, the system comprising: means for providing authentication data in a memory of 

14 said electronic device which authentication data are inaccessible to a user of the electronic 

15 device; means for providing authentication software in said electronic device, the authentication 

16 data being accessible to said authentication software; means for activating the authentication 

17 software to generate a digital signature from the authentication data; means for gathering session 

1 8 specific data; means for hashing said session specific data to obtain reference numbers referring 

19 to positions in an authentication table stored in said electronic device; means for generating said 

20 encryption key from the characters stored in the authorization table at said positions; and means 

21 for encrypting said digital data using said encryption key (XTEC Page 2 Line 19 - Page 4 Line 4, 

22 Page 5 Line 3 -Page 8 Line 19). 
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1 Regarding claims 5-7, XTEC disclosed wherein the authentication data are provided by 

2 the second transaction party, which stores the authentication data together with data identifying 

3 the first transaction party, (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 

4 19), wherein the second transaction party uses the stored authentication data to obtain 

5 transaction specific authentication data according to a specific algorithm (XTEC Page 2 Line 19 



6 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 19), wherein the second transaction party verifies 

7 the digital signature provided by the first transaction party using the authentication data stored at 

8 the second transaction party (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 

9 19). 

10 Regarding claims 10 and 11, XTEC disclosed wherein the authentication data are 



1 1 encrypted by the second transaction party using an encryption key before the authentication data 

12 are provided to the first transaction party, and wherein the authentication software retrieves a 

13 decryption key associated with the encryption key and decrypts the authentication data at its first 

14 use (XTEC Page 2 Line 19 - Page 4 Line 4, Page 5 Line 3 - Page 8 Line 19). 
15 

16 



1 7 Claim Rejections - 35 USC §103 

18 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

19 obviousness rejections set forth in this Office action: 

20 A patent may not be obtained though the invention is not identically disclosed or 

21 described as set forth in section 102 of this title, if the differences between the subject matter 

22 sought to be patented and the prior art are such that the subject matter as a whole would have 

23 been obvious at the time the invention was made to a person having ordinary skill in the art to 

24 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

25 the invention was made. 
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1 

2 Claims 6, 7, 13, and 15-27 are rejected under 35 U.S.C. 103(a) as being unpatentable 

3 over Ginter et al. (US Patent Application Publication Number 2002/1 12171) for the reasons 

4 provided in the search report for PCT/NL2004/000422. 

5 Claims 6, 7, 13, and 15-27 are rejected under 35 U.S.C. 103(a) as being unpatentable 

6 over Cocotis et al. (US Patent Application Publication Number 2002/1 12162) for the reasons 

7 provided in the search report for PCT/NL2004/000422. 

8 Claims 1-11, 14-18, and 29-30 are rejected under 35 U.S.C. 103(a) as being unpatentable 

9 over Cooper et al. (US Patent Number 7,426,750) hereinafter referred to as Cooper, and further 

1 0 in view of Mott et al. (US Patent Number 6, 1 70,060) hereinafter referred to as Mott. 

1 1 Regarding claims 1 and 29, Cooper disclosed a system and method for performing an 

12 electronic transaction between a first transaction party and a second transaction party using an 

13 electronic device operated by the first transaction party, the method comprising: providing 

14 authentication data in a memory of said electronic device (Cooper Col. 9 Line 56- Col. 10 Line 

15 14); generate a digital signature from the authentication data (Cooper Col. 29 Lines 17-26); 

16 providing the digital signature to the second transaction party (Cooper Col. 22 Line 35 - Col. 28 

17 Line 6). Cooper failed to specifically disclose that authentication data are inaccessible to a user 

18 of said electronic device. However, it was well known in the art at the time of invention to 

19 secure authentication data, such as private encryption keys, from user access, and therefore, the 

20 ordinary person skilled in the art would have found it obvious to have done so. This would have 

2 1 been obvious because the ordinary person skilled in the art would have been motivated to protect 

22 the authentication data from being altered or exposed. 
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1 Cooper further failed to disclose providing authentication software in said electronic 

2 device, the authentication data being accessible to said authentication software; or activating the 

3 authentication software to generate the digital signature. 

4 Mott teaches that in a content player, the signature in the content should be verified by 

5 the player prior to allowing the content to be played back (Col 19 Lines 18-37). 

6 It would have been obvious to the ordinary person skilled in the art at the time of 

7 invention to have employed the teachings of Mott in the system of Cooper by providing 

8 authentication software for generating the signature and for verifying that the signature in the 

9 watermark matches the signature generated in the authentication software prior to permitting 

10 playback of the content. This would have been obvious because the ordinary person skilled in 

1 1 the art would have been motivated to ensure that the content had not been illicitly altered, and to 

12 ensure that the player would not play illicitly altered or copied content. 

13 Regarding claims 9 and 30, Cooper and Mott taught a system and method for performing 

14 a verification of legitimate use of digital data on an electronic device, the method comprising: 

15 providing authentication data in a memory of said electronic device which authentication data 

16 are inaccessible to a user of the electronic device (Cooper Col. 9 Line 56- Col. 10 Line 14 and 

17 the rejection of claim 1 above); providing authentication software in said electronic device, the 

18 authentication data being accessible to said authentication software (Mott Col. 19 Lines 18-37 

19 and the rejection of claim 1 above); activating the authentication software to regenerate a digital 

20 signature from the authentication data (Mott Col. 19 Lines 1 8-37 and the rejection of claim 1 

21 above); providing the digital signature to the authentication software by an application accessing 

22 digital data having a digital signature embedded therein (Mott Col. 19 Lines 18-37 and the 
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1 rejection of claim 1 above); and comparing the regenerated digital signature with the embedded 

2 digital signature (Mott Col. 19 Lines 18-37 and the rejection of claim 1 above). 

3 Regarding claims 2-3 Cooper and Mott taught that the second transaction party provides 

4 digital data to the first transaction party, and that the second transaction party embeds the digital 

5 signature in the digital data provided to the first transaction party (Cooper Col. 22 Line 35 - Col. 

6 28 Line 6 and Col. 29 Lines 17-26). 

7 Regarding claim 4, Cooper and Mott taught that the second transaction party stores the 

8 digital signature together with data identifying the first transaction party (Cooper Col. 29 Lines 

9 17-26). 

10 Regarding claims 5-7, Cooper and Mott taught wherein the authentication data are 

1 1 provided by the second transaction party, which stores the authentication data together with data 

12 identifying the first transaction party, wherein the second transaction party uses the stored 

13 authentication data to obtain transaction specific authentication data according to a specific 

14 algorithm, wherein the second transaction party verifies the digital signature provided by the first 

1 5 transaction party using the authentication data stored at the second transaction party (Cooper Col. 

16 16 Line 49 -Col. 21 Line 10). 

17 Regarding claim 8, Cooper and Mott taught that the first transaction party further 

1 8 provides a signed digital signature to the second transaction party, the signed digital signature 

19 being generated by the authentication software by signing the digital signature using a private 

20 key, which private key is unique for said authentication software and is known to a third party 

21 (See the rejection of claim 1 above). 
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1 Regarding claims 10-11, Cooper and Mott taught that the authentication data are 

2 encrypted by the second transaction party using an encryption key before the authentication data 

3 are provided to the first transaction party, and wherein the authentication software retrieves a 

4 decryption key associated with the encryption key and decrypts the authentication data at its first 

5 use (Cooper Col. 29 Lines 17-26 and the rejection of claim 1 above). 

6 Regarding claims 14-18, while Cooper and Mott did not specifically teach that the 

7 authentication data are encrypted, when the authentication data are stored in said memory, a 

8 decryption key for decrypting, the authentication data being inaccessible to said user and to any 

9 user-operated software, thereby rendering the authentication data inaccessible to said user, 

10 wherein the authentication data are encrypted using at least two encryption layers, wherein at 

1 1 least one encryption layer may be decrypted using a decryption key associated with one or more 

12 serial numbers of hardware components of said electronic device, wherein at least one encryption 

13 layer may be decrypted by the authentication software, and wherein the authentication data are 

14 decrypted in a secure processing, environment inaccessible to said user and to any user-operated 

15 software, these were well known features of secure storage in the art at the time of invention, and 

16 as such, would have been obvious to the ordinary person skilled in the art at the time of 

17 invention. 

18 Claims 12-13 and 26-27 are rejected under 35 U.S. C. 103(a) as being unpatentable over 

19 Cooper and Mott as applied to claim 1 above, and further in view of Challener et al. (US Patent 

20 Application Publication 20030208338) hereinafter referred to as Challener. 

21 While Cooper and Mott taught that the authentication data was inaccessible to the user, 

22 Cooper and Mott failed to specifically teach that the memory was inaccessible to an operating 
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1 system of the electronic device, that the authentication data are provided in a BIOS of the 

2 electronic device, or that the authentication software is inaccessible to an operating system and is 

3 run in a secure processing environment. 

4 Challener teaches that in many computer platforms, trusted information such as private 

5 keys, digital certificates, random number generators, protected storage and the Root-of-Trust 

6 Measurement, reside on two hardware chips within the platform, the Trusted Platform Module 

7 (TPM) and the POST/BIOS Module (Challener Paragraph 00 1 8). Challener further teaches that 

8 the BIOS is used to verify signatures (Challener Paragraph 0028). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 

10 invention to have employed the teachings of Challener in the signature verification content 

1 1 player system of Cooper and Mott by storing the authentication data, such as the private and 

12 public keys, in the BIOS, and having the BIOS routines perform the authentication. This would 

13 have been obvious because the ordinary person skilled in the art would have been motivated to 

14 provide a specific means to the generic teachings for storing the authentication data and for 

1 5 implementing the verification processing. 

16 Claims 19-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Cooper and 

17 Mott as applied to claim 1 above, and further in view of Unicate (WO 00/67143). 

1 8 While Cooper and Mott disclosed authentication of a signature, Cooper and Mott failed to 

19 specifically disclose the authentication data comprise an authentication table, wherein the 

20 authentication table is generated from a bit string which is generated from fixed data and variable 

21 data, wherein the fixed data are at least part of a serial number of a hardware device, wherein the 

22 fixed data are at least part of a device specific software identification code of the authentication 
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1 software, wherein the variable data comprise a random table, wherein the random table is 

2 calculated from a random two-dimensional or three-dimensional pattern, or wherein the 

3 authentication table is generated from fixed data, variable data and a bit string, which bit string is 

4 specific to a trusted third party that provides the authentication data. 

5 Unicate teaches an authentication system wherein the authentication data comprise an 

6 authentication table, wherein the authentication table is generated from a bit string which is 

7 generated from fixed data and variable data, wherein the fixed data are at least part of a serial 

8 number of a hardware device, wherein the fixed data are at least part of a device specific 

9 software identification code of the authentication software, wherein the variable data comprise a 

10 random table, wherein the random table is calculated from a random two-dimensional or three- 

1 1 dimensional pattern, or wherein the authentication table is generated from fixed data, variable 

12 data and a bit string, which bit string is specific to a trusted third party that provides the 

13 authentication data (Page 13 Line 34 - Page 15 Line 2). 

14 It would have been obvious to the ordinary person skilled in the art at the time of 

15 invention to have employed the teachings of Unicate in the content player system of Cooper and 

16 Mott by employing the authentication table for generating the signatures to be embedded in the 

17 content. This would have been obvious because the ordinary person skilled in the art would have 

1 8 been motivated to provide a secure transaction without the need for cryptography. 

19 Conclusion 

20 Claims 1-3 1 have been rejected. 

21 The prior art made of record and not relied upon is considered pertinent to applicant's 

22 disclosure. 
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1 Any inquiry concerning this communication or earlier communications from the 

2 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

3 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

4 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

5 supervisor, William Korzuch can be reached on (571)272-7589. The fax phone number for the 

6 organization where this application or proceeding is assigned is 571-273-8300. 

7 Information regarding the status of an application may be obtained from the Patent 

8 Application Information Retrieval (PAIR) system. Status information for published applications 

9 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

10 applications is available through Private PAIR only. For more information about the PAIR 

1 1 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

1 2 system, contact the Electronic Business Center (EBC) at 866-2 17-9197 (toll-free) . If you would 

13 like assistance from a USPTO Customer Service Representative or access to the automated 

14 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
15 

16 

1 7 /Matthew T Henning/ 

1 8 Examiner, Art Unit 243 1 
19 

20 



